Remote desktop software is widely used to provide the user of a local, client computing device with the resources and functionality available to a second, remote computing device. The software typically allows the user to access and control the desktop environment of the remote computer using the client computer by providing the client computer with a view of the user interface of the remote computer, and by transmitting user input from the client computer to the remote computer.
There are a number of applications of remote desktops. For example, employees who wish to work from home, or while they are otherwise out of their office, can use the software to access their office desktop environment. Alternatively, now that cloud computing is widely available, many people access software and other resources that are stored on servers in data centres. As another example, IT support staff may use remote desktop software to take control of a user's desktop to provide troubleshooting. Frequently used remote desktop software for such applications include Citrix® and Apple® Remote Desktop.
Remote desktop software operates through a client/server model. A client component of the remote desktop software is installed on the client computer, and a server component of the software is installed on the remote computer. If the client computer is connected to the remote computer through a network, the client and server components of the software can communicate. This necessarily involves bidirectional communication over the network, with the view of the desktop environment of the remote computer being transmitted over the network in one direction, and user input being transmitted over the network in the other direction.
While known remote desktop software is adequate in many situations, security may be a concern. This is especially the case where the client computer is a relatively secure computer, while the remote computer is relatively insecure. If an insecure remote computer is connected to the internet and has been compromised by a third party, or is running malicious software, it may represent an unacceptable risk to the secure computer. For example, the malicious software may be able to craft communications to the secure device over the network, thus gaining control over the secure device.
It is an object of embodiments of the present invention to provide for the control of an insecure computer from a secure computer, with the security of the secure computer guaranteed.